TEST_F(PacksTests, test_check_platform) {
Pack fpack("discovery_pack", getPackWithDiscovery());
EXPECT_TRUE(fpack.checkPlatform());
// Depending on the current build platform, this check will be true or false.
fpack.platform_ = kSDKPlatform;
EXPECT_TRUE(fpack.checkPlatform());
fpack.platform_ = (kSDKPlatform == "darwin") ? "linux" : "darwin";
EXPECT_FALSE(fpack.checkPlatform());
fpack.platform_ = "null";
EXPECT_TRUE(fpack.checkPlatform());
fpack.platform_ = "";
EXPECT_TRUE(fpack.checkPlatform());
fpack.platform_ = "bad_value";
EXPECT_FALSE(fpack.checkPlatform());
fpack.platform_ = "posix";
if (isPlatform(PlatformType::TYPE_POSIX) ||
isPlatform(PlatformType::TYPE_LINUX) ||
isPlatform(PlatformType::TYPE_OSX) ||
isPlatform(PlatformType::TYPE_FREEBSD)) {
EXPECT_TRUE(fpack.checkPlatform());
}
if (isPlatform(PlatformType::TYPE_WINDOWS)) {
EXPECT_FALSE(fpack.checkPlatform());
}
}
bool Map::isAnyPlatformBelow(float X, float Y) {
Y += pPlayer_sy;
short current_px = -1 * pOffset_X;
short next_px = current_px + pSize;
int index_x = pos_X;
while (!(current_px <= X && next_px > X)) {
++index_x;
current_px = next_px;
next_px += pSize;
}
short current_py = App::getScreenHeight();
short next_py = current_py - pSize;
int index_y = pAmountEntityVertical - 1;
while (!(current_py >= Y && next_py < Y)) {
--index_y;
current_py = next_py;
next_py -= pSize;
}
if (isPlatform(pMap[index_x][index_y])
|| isPlatform(pMap[index_x + 1][index_y]))
return true;
return false;
}
QueryData genChromeExtensions(QueryContext& context) {
fs::path chromePath;
/// Each home directory will include custom extensions.
if (isPlatform(PlatformType::TYPE_WINDOWS)) {
chromePath = "\\AppData\\Local\\Google\\Chrome\\User Data\\%\\Extensions\\";
} else if (isPlatform(PlatformType::TYPE_OSX)) {
chromePath = "/Library/Application Support/Google/Chrome/%/Extensions/";
} else {
chromePath = "/.config/google-chrome/%/Extensions/";
}
return genChromeBasedExtensions(context, chromePath);
}
std::shared_ptr<PlatformProcess> PlatformProcess::launchTestPythonScript(
const std::string& args) {
std::string osquery_path;
auto osquery_path_option = getEnvVar("OSQUERY_DEPS");
if (osquery_path_option) {
osquery_path = *osquery_path_option;
} else {
if (!isPlatform(PlatformType::TYPE_FREEBSD)) {
osquery_path = "/usr/local/osquery";
} else {
osquery_path = "/usr/local";
}
}
// The whole-string, space-delimited, python process arguments.
auto argv = osquery_path + "/bin/python " + args;
std::shared_ptr<PlatformProcess> process;
int process_pid = ::fork();
if (process_pid == 0) {
// Start a Python script
::execlp("sh", "sh", "-c", argv.c_str(), nullptr);
::exit(0);
} else if (process_pid > 0) {
process.reset(new PlatformProcess(process_pid));
}
return process;
}
void SetUp() override {
if (isPlatform(PlatformType::TYPE_WINDOWS)) {
socket_path = OSQUERY_SOCKET;
} else {
socket_path = kTestWorkingDirectory;
}
socket_path += "testextmgr" + std::to_string(rand());
if (!isPlatform(PlatformType::TYPE_WINDOWS)) {
remove(socket_path);
if (pathExists(socket_path)) {
throw std::domain_error("Cannot test sockets: " + socket_path);
}
}
}
TEST_F(FlagsTests, test_platform) {
PlatformType mPlatformType = PlatformType::TYPE_POSIX;
EXPECT_TRUE(isPlatform(PlatformType::TYPE_POSIX, mPlatformType));
mPlatformType = PlatformType::TYPE_OSX | PlatformType::TYPE_POSIX;
EXPECT_TRUE(isPlatform(PlatformType::TYPE_POSIX, mPlatformType));
EXPECT_TRUE(isPlatform(PlatformType::TYPE_OSX, mPlatformType));
// Now set and check a valid casting.
mPlatformType = static_cast<PlatformType>(8);
EXPECT_EQ(PlatformType::TYPE_LINUX, mPlatformType);
// Set something that doesn't make sense
mPlatformType = PlatformType::TYPE_WINDOWS | PlatformType::TYPE_BSD;
EXPECT_FALSE(isPlatform(PlatformType::TYPE_LINUX, mPlatformType));
EXPECT_FALSE(isPlatform(PlatformType::TYPE_OSX, mPlatformType));
}
void TearDown() override {
Dispatcher::stopServices();
Dispatcher::joinServices();
if (!isPlatform(PlatformType::TYPE_WINDOWS)) {
remove(socket_path);
}
}
QueryData genListeningPorts(QueryContext& context) {
QueryData results;
auto sockets = SQL::selectAllFrom("process_open_sockets");
for (const auto& socket : sockets) {
if (socket.at("family") == kAF_UNIX && socket.at("path").empty()) {
// Skip anonymous unix domain sockets
continue;
}
if ((socket.at("family") == kAF_INET || socket.at("family") == kAF_INET6) &&
socket.at("remote_port") != "0") {
// Listening UDP/TCP ports have a remote_port == "0"
continue;
}
Row r;
r["pid"] = socket.at("pid");
if (socket.at("family") == kAF_UNIX) {
r["port"] = "0";
r["path"] = socket.at("path");
r["socket"] = "0";
} else {
r["address"] = socket.at("local_address");
r["port"] = socket.at("local_port");
auto socket_it = socket.find("socket");
if (socket_it != socket.end()) {
r["socket"] = socket_it->second;
} else {
r["socket"] = "0";
}
}
r["protocol"] = socket.at("protocol");
r["family"] = socket.at("family");
auto fd_it = socket.find("fd");
if (fd_it != socket.end()) {
r["fd"] = fd_it->second;
} else {
r["fd"] = "0";
}
// When running under linux, we also have the user namespace
// column available. It can be used with the docker_containers
// table
if (isPlatform(PlatformType::TYPE_LINUX)) {
r["net_namespace"] = socket.at("net_namespace");
}
results.push_back(r);
}
return results;
}
QueryData genPythonPackages(QueryContext& context) {
QueryData results;
std::set<std::string> paths;
if (context.constraints.count("directory") > 0 &&
context.constraints.at("directory").exists(EQUALS)) {
paths = context.constraints["directory"].getAll(EQUALS);
} else {
paths = kPythonPath;
}
for (const auto& key : paths) {
genSiteDirectories(key, results);
}
if (isPlatform(PlatformType::TYPE_OSX)) {
for (const auto& dir : kDarwinPythonPath) {
std::vector<std::string> versions;
if (!listDirectoriesInDirectory(dir, versions, false).ok()) {
continue;
}
for (const auto& version : versions) {
// macOS will link older versions to 2.6.
auto version_path = fs::path(version).parent_path();
if (fs::is_symlink(symlink_status(version_path))) {
continue;
}
auto complete = version + "lib/python" +
version_path.filename().string() + "/site-packages/";
genSiteDirectories(complete, results);
}
}
} else if (isPlatform(PlatformType::TYPE_WINDOWS)) {
// Enumerate any system installed python packages
auto installPathKey = "HKEY_LOCAL_MACHINE\\" + kWinPythonInstallKey;
genWinPythonPackages(installPathKey, results);
// Enumerate any user installed python packages
installPathKey = "HKEY_USERS\\%\\" + kWinPythonInstallKey;
genWinPythonPackages(installPathKey, results);
}
return results;
}
TEST_F(LoggerTests, test_recursion) {
// Stop the internal Glog facilities.
google::ShutdownGoogleLogging();
auto& rf = RegistryFactory::get();
auto plugin = std::make_shared<RecursiveLoggerPlugin>();
rf.registry("logger")->add("recurse", plugin);
EXPECT_TRUE(rf.exists("logger", "recurse"));
EXPECT_TRUE(rf.setActive("logger", "recurse").ok());
FLAGS_logtostderr = true;
initStatusLogger("logger_test");
initLogger("logger_test");
LOG(WARNING) << "Log to the recursive logger";
EXPECT_EQ(1U, plugin->statuses);
FLAGS_logger_status_sync = false;
LOG(WARNING) << "recurse";
if (isPlatform(PlatformType::TYPE_WINDOWS)) {
for (size_t i = 0; i < 100; i++) {
std::this_thread::sleep_for(std::chrono::microseconds(10));
if (plugin->statuses == 3U) {
break;
}
}
}
EXPECT_EQ(3U, plugin->statuses);
// Try again with the tool type as a daemon.
auto tool_type = kToolType;
kToolType = ToolType::DAEMON;
LOG(WARNING) << "recurse";
// The daemon calls the status relay within the scheduler.
EXPECT_EQ(3U, plugin->statuses);
// All of recursive log lines will sink during the next call.
relayStatusLogs(true);
EXPECT_EQ(4U, plugin->statuses);
relayStatusLogs(true);
EXPECT_EQ(5U, plugin->statuses);
kToolType = tool_type;
EXPECT_EQ(0U, queuedStatuses());
EXPECT_EQ(0U, queuedSenders());
// Make sure the test file does not create a filesystem log.
// This will happen if the logtostderr is not set.
EXPECT_FALSE(pathExists("logger_test.INFO"));
FLAGS_logtostderr = false;
}
TEST_F(SQLiteUtilTests, test_table_attributes_event_based) {
{
SQLInternal sql_internal("select * from process_events");
if (!isPlatform(PlatformType::TYPE_WINDOWS)) {
EXPECT_TRUE(sql_internal.ok());
EXPECT_TRUE(sql_internal.eventBased());
}
}
{
SQLInternal sql_internal("select * from time");
EXPECT_TRUE(sql_internal.ok());
EXPECT_FALSE(sql_internal.eventBased());
}
}
bool Pack::checkPlatform(const std::string& platform) const {
if (platform.empty() || platform == "null") {
return true;
}
if (platform.find("any") != std::string::npos ||
platform.find("all") != std::string::npos) {
return true;
}
auto linux_type = (platform.find("linux") != std::string::npos ||
platform.find("ubuntu") != std::string::npos ||
platform.find("centos") != std::string::npos);
if (linux_type && isPlatform(PlatformType::TYPE_LINUX)) {
return true;
}
auto posix_type = (platform.find("posix") != std::string::npos);
if (posix_type && isPlatform(PlatformType::TYPE_POSIX)) {
return true;
}
return (platform.find(kSDKPlatform) != std::string::npos);
}
TEST_F(FilesystemLoggerTests, test_log_status) {
if (isPlatform(PlatformType::TYPE_WINDOWS)) {
// Cannot test status deterministically on windows.
return;
}
initStatusLogger("osqueryd");
initLogger("osqueryd");
LOG(WARNING) << "Filesystem logger test is generating a warning status (1/3)";
auto status_path = fs::path(FLAGS_logger_path) / "osqueryd.INFO";
EXPECT_TRUE(osquery::pathExists(status_path));
std::string content;
EXPECT_TRUE(readFile(status_path, content));
auto lines = osquery::split(content, "\n").size();
EXPECT_EQ(4U, lines);
LOG(WARNING) << "Filesystem logger test is generating a warning status (2/3)";
content.clear();
readFile(status_path, content);
lines = osquery::split(content, "\n").size();
EXPECT_EQ(5U, lines);
auto& rf = RegistryFactory::get();
auto filesystem_test = std::make_shared<FilesystemTestLoggerPlugin>();
rf.registry("logger")->add("filesystem_test", filesystem_test);
EXPECT_TRUE(rf.setActive("logger", "filesystem,filesystem_test").ok());
LOG(WARNING) << "Filesystem logger test is generating a warning status (3/3)";
content.clear();
readFile(status_path, content);
lines = osquery::split(content, "\n").size();
EXPECT_EQ(6U, lines);
relayStatusLogs(true);
content.clear();
readFile(status_path, content);
lines = osquery::split(content, "\n").size();
EXPECT_EQ(6U, lines);
}
void Initializer::initShell() const {
// Get the caller's home dir for temporary storage/state management.
auto homedir = osqueryHomeDirectory();
if (osquery::pathExists(homedir).ok()) {
// Only apply user/shell-specific paths if not overridden by CLI flag.
if (Flag::isDefault("database_path")) {
osquery::FLAGS_database_path =
(fs::path(homedir) / "shell.db").make_preferred().string();
}
if (Flag::isDefault("extensions_socket")) {
if (isPlatform(PlatformType::TYPE_WINDOWS)) {
osquery::FLAGS_extensions_socket = "\\\\.\\pipe\\shell.em";
} else {
osquery::FLAGS_extensions_socket =
(fs::path(homedir) / "shell.em").make_preferred().string();
}
}
} else {
fprintf(
stderr, "Cannot access or create osquery home: %s", homedir.c_str());
FLAGS_disable_extensions = true;
FLAGS_disable_database = true;
}
}
/** Sciaga ze stosu ostatni element na ktorym wykryto kolizje */
short Map::checkColision(const short& Player_x, const short& Player_y,ColisionSide& cSide) {
pPlayer_x = Player_x;
pPlayer_y = Player_y;
/** Pobieranie kolizcji z bonusem badz przeszkoda ( kolizje bez powtorzen )
* odlozonej na stos podczas rysowania */
short result = -1;
if (pColisionStack.size() > 0) {
Point point = pColisionStack.top();
pColisionStack.pop();
short X = point.X;
short Y = point.Y;
if (!itWasReturn[X][Y]) {
itWasReturn[X][Y] = true;
result = pMap[X][Y];
if ( isBonus( result ) || isAdditionalBonus( result ) ) {
drawID->at(X)[Y] = false;
return result;
}
}
}
{ /** wykrywanie kolizji z platforma */
short X = Player_x + 5;
short Y = Player_y;
short current_px = -1 * pOffset_X;
short next_px = current_px + pSize;
ushort index_x = pos_X;
// szukanie kolumny w ktorej jest kolizja
while (!(current_px <= X && next_px > X)) {
++index_x;
current_px = next_px;
next_px += pSize;
}
ushort current_py = App::getScreenHeight();
ushort next_py = current_py - pSize;
int index_y = pAmountEntityVertical - 1;
// szukanie wiersza w ktorym jest kolizja od gory
while (!(current_py >= Y && next_py < Y)) {
--index_y;
current_py = next_py;
next_py -= pSize;
}
if (isPlatform(pMap[index_x][index_y]) || isPlatform(pMap[index_x + 1][index_y])) {
cSide.up = true;
cSide.pos_Y_px = current_py;
}
current_py = App::getScreenHeight();
next_py = current_py - pSize;
index_y = pAmountEntityVertical - 1;
Y = Player_y + pPlayer_sy;
// szukanie wiersza w ktorym jest kolizja od dolu
while (!(current_py >= Y && next_py < Y)) {
--index_y;
current_py = next_py;
next_py -= pSize;
}
if (isPlatform(pMap[index_x][index_y]) || isPlatform(pMap[index_x + 1][index_y])) {
cSide.down = true;
cSide.pos_Y_px = (current_py - 3 * pSize) + 1;
}
current_py = App::getScreenHeight();
next_py = current_py - pSize;
index_y = pAmountEntityVertical - 1;
Y = Player_y;
// szukanie wiersza w ktorym kolizja jest od boku
while (!( current_py < Y + pPlayer_sy && current_py > Y && next_py < Y + pPlayer_sy && next_py > Y ) ) {
--index_y;
current_py = next_py;
next_py -= pSize;
if( index_y < 0 ) break;
}
if( index_y > 0 && ( isPlatform(pMap[index_x][index_y]) || isPlatform(pMap[index_x + 1][index_y]) )) {
float halfTiles = current_py - 0.5 * pSize;
float halfPlayer = pPlayer_y + 0.5 * pPlayer_sy;
if( halfTiles < halfPlayer ) {
cSide.up = true;
cSide.pos_Y_px = current_py;
}
else {
cSide.down = true;
cSide.pos_Y_px = (current_py - 3 * pSize) + 1;
}
}
} //END ADD
return (result);
}